Microsoft Makes Security Move with Release of ISA Server

ENT, March 26, 2001 by CHRISTOPHER McCONNELL

Expanding functionality to existing products -- whether adding conferencing services to an e-mail server or an HTML editor to a word processor -- is one of Microsoft's strong suits. And Microsoft is continuing this trend with the release of its Internet Security and Acceleration (ISA) Server. Redmond added firewall features to its proxy server software, as well as the ability for third-party developers to extend ISA Server's functionality by creating plug-ins for the product.

ISA Server is in some ways an update to Microsoft's Proxy Server 2.0. Proxy Server keeps frequently accessed content at the edge of the network, reducing network load and improving end-user performance. Lucian Lui, lead product manager for ISA Server at Microsoft, says changes in the Internet have created new demands from edge-of-network servers in the four years since Proxy Server 2.0 was released.

Microsoft, however, considers ISA Server an entirely new product, since it reflects new customer and market demands. Microsoft presents ISA Server as a platform for ISVs to add both security and caching functionality, offering a software developers kit to interested ISVs.

Microsoft hails the product as its entry into the security market. "What we're really leveraging is the Microsoft security infrastructure," Lui says. He says Microsoft is uniquely qualified to provide security products, since it has years of experience creating hotfixes, issuing vulnerability reports, and working to make Windows a secure platform. "We have a process in place here," Lui says.

Redmond contrasts its solution with firewalls from security-specific vendors, saying the others do not offer operating systems to complement their firewalls. Lui also says the integration of a firewall and a proxy server is unique among Windows vendors. "You don't see many vendors in the security space adding caching, or caching vendors adding a firewall," he explains.

ISA's firewall component will filter Internet traffic at the packet, circuit, and application level to help administrators ensure that networks are used appropriately. Microsoft also included licensed intrusion detection technology from Internet Security Systems. The integrated feature alerts administrators to malicious attempts to breach the network.

ISA Server plugs into the Windows 2000 Microsoft Management Console, allowing centralized administration of firewalls. From a single console, administrators can manage any number of ISA servers, reducing complexity and saving time.

Kevin Schuler, president of system integrator InDepth Technology, says centralized management is a key feature of ISA Server. "The array management is very sophisticated," he says. "This is a very easy firewall to manage." InDepth caters to midsized business, and Schuler believes inconsistent management is the greatest security problem in the businesses he sees. ISA, he says, can aid these administrators.

Microsoft hopes to extend ISA Server's security functionality by releasing a software developers kit to third-party developers. A number of security-related ISVs signed on to create plug-ins for ISA Server. Other companies announced that they would integrate current product lines with the ISA platform.

Baltimore Technology says it will integrate its MIMEsweeper filtering product with ISA Server. Together, the products will enable administrators a higher level of e-mail and HTTP traffic filtering.

N2H2 Inc. provides content filtering products that help ensure users do not access inappropriate information from corporate networks. It initially developed for Linux, but decided to move to Windows 2000 to gain a greater foothold in the enterprise.

Mark Holcomb, senior product manager at N2H2, says developing a plug-in for ISA Server sped its time to market, compared with creating a stand-alone product. "We were looking for something with high-speed processing, easy integration, and a high degree of scalability," he says, asserting that ISA Server fit the bill.

Hewlett-Packard (HP) hinted that it would adapt its WebEnforcer system-hardening package to integrate with ISA Server. WebEnforcer sets and monitors permissions on Windows NT and Windows 2000 machines. It can also manage hotfixes through a related security subscription service.

"ISA provides really good firewall services, as well as good proxy services," says Gary Serounts, director of products and services at HP's Internet security division. He believes ISA Server and WebEn forcer are complimentary products.

ISA Server is available in two flavors: Standard Edition, for single-server implementations, and Enterprise Edition, which can scale across multiple machines.

Caching appliances and server appliances are hot products in the Web farm, and Microsoft has been working with partners to create storage and other server appliances. Lui says Microsoft has not decided whether it will pursue the caching appliance market with ISA Server, but notes that OEM partners have approached Redmond to use ISA Server in a caching appliance.